bonus
/
GZMachinesWeb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
GZMachinesWeb/.svn/pristine/d3/d3e621051c6cb03d7caf35d701f...

58 lines
2.1 KiB
Plaintext
Raw Normal View History

Initial commit
2025-06-20 17:47:53 +08:00
package com.bonus.core.jwt;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
import com.bonus.core.StringHelper;
import io.jsonwebtoken.Claims;
import java.util.Date;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class JwtFilter extends BasicHttpAuthenticationFilter {
@Override
protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object mappedValue) {
HttpServletResponse response = (HttpServletResponse) servletResponse;
response.setContentType("application/pdf");
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Allow-Headers", "Authorization");
response.setHeader("Access-Control-Max-Age", "0");
HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
// 自定义JWT验证逻辑
String token = httpRequest.getHeader("Authorization");
if (StringHelper.isNotEmpty(token) && token.startsWith("Bearer ")) {
token = token.substring(7); // 去掉"Bearer "
JwtUtil jwtUtil = new JwtUtil();
Claims claims = jwtUtil.parseToken(token);
if (claims == null || claims.getExpiration().before(new Date())) {
throw new UnauthorizedException("Token已过期或无效");
}else{
return true;
}
}else{
return false;
}
// 如果验证通过返回true否则返回false
}
@Override
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
// 验证失败处理逻辑
// ...
// 你可以在这里设置响应状态码、响应体等
return false;
}
}